You can. It's just that no browser that supports HTTP/3 will accept it as a legit endpoint with a valid root. So they won't connect to the HTTP/3 endpoint at all and you won't be able to access the HTTP/3 self-signed website.
And before anyone goes there, no, setting up your own root CA is not an option. Unless you get can Google/Apple/Mozilla/etc to include your root CA in their browser trust stores it doesn't help a random person visit your website at all.
>You can. It's just that no browser that supports HTTP/3 will accept it as a legit endpoint with a valid root. So they won't connect to the HTTP/3 endpoint at all and you won't be able to access the HTTP/3 self-signed website.
So long as there's a way to bypass verification or configure the trust store I'm okay with it. Is there official policy stating that this won't be possible or is this prediction?
As I understand it the primary reason for this push is that non-technical users too often skip security warnings, but I'm of the position there MUST at least be a way to bypass verification no matter what (through keyboard combos or a configurable trust store).
And before anyone goes there, no, setting up your own root CA is not an option. Unless you get can Google/Apple/Mozilla/etc to include your root CA in their browser trust stores it doesn't help a random person visit your website at all.